[clug] Why is my SSH port forwarding failing all of a sudden?
Chris Smart
clug at christophersmart.com
Wed Feb 3 11:56:24 UTC 2016
On 03/02/16 20:53, Tony Lewis wrote:
> On 03/02/16 20:40, Tony Lewis wrote:
>> I cannot figure it out but will keep an eye on it to see if it
>> misbehaves again. It's probably me, but I just cannot figure out what
>> I broke and how I fixed it.
>
> Oh. Found it.
>
> The client authenticates as user tunnel on the tunnel server using a
> public key. Somewhere along the way, adding a new user, I had reset the
> password, with the intent of locking it afterwards ("passwd -l
> tunnel"). I expired it instead ("passwd -e tunnel"). The PKI
> authentication worked, or at least appeared to work, as the account is
> configured to not give a shell and only tunnel ports.
>
> But that's the difference. An expired password, which is where the
> login progam won't let you log in without setting a new password, locks
> at least tunnelling, and probably locks any session itself. Setting the
> password to something dumb and then locking the account has fixed the
> problem.
>
> So, again, thanks for the input.
>
Nice one, glad you found it!
-c
--
_
°v°
/(_)\
^ ^
More information about the linux
mailing list